Firewall

Open the machine → Firewall tab.

A firewall group is a reusable set of rules you attach to one or more machines. Each rule has a direction (incoming/outgoing), protocol (TCP/UDP/ICMP/GRE), port(s) and a source/destination CIDR (empty = any).

By default each group ends with incoming DROP (deny inbound unless allowed) and outgoing ACCEPT (allow outbound), so add an inbound rule for every service you expose (e.g. TCP 22, 443). Toggle a group On/Off and click Apply Changes — it applies live, no reboot.

Warning: Keep an inbound rule for SSH/RDP or you may lock yourself out.

Was this helpful?